DDoS Protection and Security Assurance in Cloud

Abstract

DDoS attacks have become a big concern for enterprises in the era of Internet computing. DDoS attacks have gained large attention from the community due to numerous fatal incidents in the last one decade. In particular, incidents on cloud services and cloud infrastructures have triggered anticipations related to heavy, longer, and hazardous attacks in near future. Additionally, economic losses due to these attacks, have given rise to Economic Denial of Sustainability (EDoS) attacks that exploit the on-demand resource provisioning feature of cloud computing. As attack strikes a service hosted on a cloud platform, the resource bottleneck would occur. Consequently, the ambiguity and inability to differentiate between legitimate and attacker traffic would lead to acquiring or buying more and more resources on the go. These fake resource claims would lead to a heavy economic burden, unnecessary downtime, power consumption, and migrations. This chapter targets at detailing the insights into the DDoS and EDoS attacks in cloud computing. Additionally, this chapter provides a comprehensive sketch of the present state of the art, recent incidents, their impact, cloud pricing and accounting mechanism, and its readiness for these attacks. Through this chapter, we argue that the present solution stack is not sufficient enough to deter or defend DDoS attack on cloud services. The major emphasis of the proposed chapter would be towards security assurance, loss sharing, and providing a detailed guideline about the ideal solutions.